Overview
Cisco Secured Emails (Registered Envelope Service, also called SecureDoc) are being blocked by GFI MailEssentials due to the HTML sanitizer and Email Exploit Engine.
Environment
- GFI MailEssentials
- All supported environments
Root Cause
Although these emails are from a trusted source, the method in which they are being sent legitimately registers as an email exploit. Since there is no whitelisting functionality for the Email Exploit Engine, these two rules that trigger on these email types will have to be disabled.
Resolution
- Open the GFI MailEssentials Configuration Console.
- Expand the EmailSecurity node, then click on the HTML Sanitizer to open its properties.
- Select the Whitelist tab and make an entry for the address that is sending the emails. Note that this is not for cisco.com, res.cisco.com, etc.
- Expand the Email Exploit Engine branch and point to Email Exploit Engine.
- Check off rule IDs
7
and10
, then hit the Disable Selected button at the top. - Hit OK and exit the console. Send a test email to confirm the operation is successful.